
Hackers behind massive $81M cyber-heist also compromised the backbone of the global financial system

Published Apr 25th, 2016 7:15AM EDT


Hackers stole $81 million in a sophisticated attack on the Bangladesh Bank in February, which makes it one of the most impressive cyber-heists in history. The hackers were planning to steal $951 million in total, using fraudulent transactions. Recently uncovered evidence revealed that poor security – $10 internet routers – offered them access to the bank’s entire infrastructure, including the SWIFT servers that are responsible for financial transactions.

A new report indicates that hackers also breached SWIFT, the backbone of the global financial system that makes financial transactions possible.


According to Reuters, their plan was rather ingenious. They found a way to manipulate the SWIFT software used by the Bangladesh Bank to not only remove the history of the fraudulent transactions and manipulate balances in databases but also to prevent them from being printed on a printer in the SWIFT room that keeps track of all transactions. The malware would even intercept and destroy incoming messages confirming the transfers ordered by the hackers.

That way, the hackers hoped the transactions would remain undetected until the money had been laundered. Unfortunately, a misspelling made it possible for other banks to realize something was wrong, alert the Bangladesh Bank, and prevent the hackers from running away with almost a billion dollars.

Of the $81 million stolen, much remains at large, as authorities have yet to identify the culprits and recover the money.

Meanwhile, SWIFT confirmed to Reuters that it was aware of the sophisticated malware used to target its client software. The organization said it would issue a software update on Monday to patch it, along with a special warning to other financial institutions.

The initial discovery came from BAE, whose researchers told Reuters that they believe they discovered the malware used to manipulate the SWIFT client known as Alliance Access.

“I can’t think of a case where we have seen a criminal go to the level of effort to customize it for the environment they were operating in,” BAE’s head of threat intelligence Adrian Nish said about the malware. “I guess it was the realization that the potential payoff made that effort worthwhile.”

Nish added that “the general tools, techniques, and procedures used in the attack may allow the gang to strike again.”

Chris Smith Senior Writer
